using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page 
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnLogon_Click(object sender, EventArgs e)
    {
        if (txtCODE.Text.ToLower() != Session["CHK_CODE"].ToString())
        {
            return;
        }
        if (System.Convert.ToInt16(Session["FAIL_TIMES"]) >= 3)
        {
            lblError.Text = "Too many fails. Close your browser please.";
            return;
        }
        
        string pwd_sha1;
        pwd_sha1 = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(txtPWD.Text, "SHA1");


        DataTable myTab = new DataTable();
        SqlCommand cmd = new SqlCommand();
        cmd.CommandText = "core_logon";
        SqlParameter para = cmd.Parameters.AddWithValue("@uid", txtUID.Text);
        para = cmd.Parameters.AddWithValue("@pwd", pwd_sha1);

        try
        {
            TinyDAL.Exec(ref cmd, ref myTab);
            if (myTab.Rows.Count != 1)
            {
                myTab.Clear();
                Session["FAIL_TIMES"] = System.Convert.ToInt16(Session["FAIL_TIMES"]) + 1;
                lblError.Text = "Log on fail.";
                return;
            }

            DataRow row1 = myTab.Rows[0];
            
            Session["USER"] = row1["uid"].ToString().Trim();//txtUserID.Text;
            Response.Redirect("main_frame.htm");

        }
        catch (Exception ex)
        {
            lblError.Text = ex.Message;
        }
        
    }
}
